Security and privacy architecture
How AiSU handles your data, protects your privacy, and meets compliance requirements.
Transient processing
AiSU never stores your documents. Files are retrieved from your cloud provider at query time, processed in memory, and discarded after the response is generated. There is no persistent document cache, no shadow copy, and no data lake. Your files remain exclusively in the storage you control.
GDPR compliance
AiSU processes data within EU infrastructure. We provide a Data Processing Agreement (DPA) on request. Data subject access requests, rectification, and erasure are fully supported. Because processing is transient, the right to erasure is satisfied by default: there is nothing to delete.
Encryption & isolation
All data in transit is protected with TLS 1.3. OAuth tokens are encrypted at rest with AES-256. Each organisation operates in a fully isolated scope: queries, document access, and metadata are partitioned per-org with no cross-tenant data paths.
Authentication
AiSU authenticates users via OAuth 2.0 with Google and Microsoft. We never see or store user passwords. SSO is supported for organisations that require centralised identity management. Two-factor authentication is available for all accounts.
Audit & governance
Every document access is logged with user, timestamp, and action. Administrators can review audit trails, monitor query patterns, and generate compliance reports. Document sensitivity classification is applied automatically during indexing.
Questions about security?
Contact us for our DPA template, sub-processor documentation, or a security walkthrough.